02 November 2016
Blogs by author: Tom Leonard, In-Life Product Manager, BT.
With the biggest shopping day of the year just around the corner, here’s why retailers have to make sure they avoid a cyber-crime catastrophe.
A nightmare scenario for stores.
Black Friday is almost here (along with the increasingly popular Cyber Monday). As every year, crowds of shoppers will flock to retailers’ stores and websites in search of rock-bottom prices. And this will mean a huge increase in both physical and digital sales.
The last thing retailers want is for their sales to come to a sudden halt due to an inability to defend against, and mitigate, a major distributed denial of service (DDoS) attack.
Retailers face a growing threat.
Talk of cyber attacks on such a big shopping day might sound like scaremongering. As far as DDoS attacks go, last year’s Black Friday and Cyber Monday were quiet. But the threat is real. We’ve seen an increase in DDoS attacks recently. And that’s partly due to the release of the Mirari source code in September.
This gives individuals the ability to orchestrate legions of unsecured Internet of Things (IoT) devices to act as unwitting participants in targeted DDoS attacks. And these objects could be anything from domestic hubs and routers, to printers and digital video recorders.
The latest large DDoS attacks have used botnets just like this — proving that the bad guys are multiplying and, perhaps, gearing up for bigger things.
Prevention and mitigation are must-haves.
There are no easy answers to the question of how to secure IoT smart devices — especially at the ‘budget conscious’ end of the market. That’s why we expect that these DDoS attacks will continue to proliferate, meaning that targeted DDoS attacks of increasing scale and frequency will almost certainly occur as a result.
So how can retailers defend themselves against the threat of an attack on Black Friday?
Organisations have to use a combination of measures to safeguard against even the most determined DDoS attack. These include:
- limiting the impact of an attack by absorbing DDoS traffic targeted at the application layer, deflecting all DDoS traffic targeted at the network layer and authenticating valid traffic at the network edge
- choosing an ISP that connects directly to large carriers and other networks, as well as internet exchanges — allowing traffic to pass efficiently
- employing the services of a network-based DDoS provider — with a demonstrable track record of mitigating DDoS attacks and sinking significant data floods. This will safeguard specific IP address ranges that organisations want to protect.
Deal with DDoS the simple way.
Black Friday will be a big day for retailers — and hopefully for all the right reasons. To make sure that happens, organisations have to work with a network provider who can protect them from targeted DDoS attacks.
We offer our DDoS Protection in the UK as a built-in component of our Internet Connect services. Globally we can also provide DDoS protection even if you don’t currently take any network services from BT.
Head to our webpage or contact your account manager to discover more about how we can prevent DDoS attacks standing in the way of your business.